Researchers: Attacks on U.S., Korea sites came from U.K.

A security firm in Vietnam says it has traced the origin of the denial-of-service attacks to the U.K., contrary to speculation that North Korea was the culprit.

The denial-of-service attacks launched on Web sites in South Korea and the United States earlier this month appear to have come from a master server in the United Kingdom, according to security researchers in Vietnam.

The master server controls all of the eight command and control servers involved in the series of distributed denial-of-service attacks that started on the July 4 weekend, security firm Bkis said in a blog posting on its Web site on Monday. Bkis said it gained control of two of the servers.

The Vietnamese firm estimated the number of compromised PCs involved in the attacks to be around 167,000 in 74 countries.

Botnet expert Joe Stewart of SecureWorks told CNET News that that number sounded high. Security experts had been estimating that there were 50,000 infected PCs in the botnet.

The attacks targeted dozens of government and commercial sites in the U.S. and South Korea, causing temporary outages at many of them.

Code on the compromised PCs was set to erase or overwrite data late last week but researchers in the U.S. were not aware of any reports of that happening.

 

Join the discussion

Conversation powered by Livefyre

Show Comments Hide Comments
Latest Galleries from CNET
Uber's tumultuous ups and downs in 2014 (pictures)
The best and worst quotes of 2014 (pictures)
A roomy range from LG (pictures)
This plain GE range has all of the essentials (pictures)
Sony's 'Interview' heard 'round the world (pictures)
Google Lunar XPrize: Testing Astrobotic's rover on the rocks (pictures)